Facebook exposes private data

Share this article:
Facebook users' dates of birth were revealed at some point in public beta tests of a profile redesign. According to the security firm Sophos, the information was visible to others, even if a member had requested it remain private.

"For a brief period of time, a small number of users were able to access a private beta of Facebook's new site design meant only for developers. During that time, some of those users had their birthdays revealed due to a bug," Facebook said in a statement.

The user data would be valuable for identity thieves, warned Graham Cluley, senior technology consultant at Sophos.

Cluley claimed in a web posting that Facebook told members to use a fake birth date going forward, which could violate Facebook's own policy.

In the online post, Cluley said, “Facebook requires you to provide your real birth date, but then failed to properly protect it. With Facebook's terms and conditions as they are at the moment, you need to decide whether you are prepared to deliberately violate them, or stop using the social networking website entirely.”

Facebook demurred, however. A Facebook spokesperson told SCMagazineUS.com that "Facebook has in no way suggested that users set up false birthday information."

According to the Facebook developer's blog, Facebook will start rolling out its new corrected design to users this week.

 

Share this article:
close

Next Article in News

Sign up to our newsletters

More in News

Pentagon to triple its security workforce by 2016

Pentagon to triple its security workforce by 2016

Defense Secretary Chuck Hagel recently announced the recruitment efforts during a speech in Fort Meade, Md.

Tech manufacturer's online payment system breached

LaCie confirmed an unauthorized party used malware to access its online payment system for almost a year and could have stolen customer information.

The Heartbleed bug works, and could be a scapegoat for older breaches

The Heartbleed bug works, and could be a ...

Researchers proved the Heartbleed bug was real in a challenge issued by CloudFlare to prove private keys can be stolen, right around the time companies are claiming they were breached ...